RDP stands for Remote Desktop Protocol, which uses TCP port 3389 and enables users to control the desktop of another computer. RDP is mostly used in organizations and business environments. Recently, a new worm named Morto has become the cause of a spike in traffic to TCP port 3389 (which is used by RDP), according to a report by F-Secure.
A few days ago, a massive DoS vulnerability was found in Apache versions 1.3 and 2.x, leaving more than 50% of the internet vulnerable to a DoS attack. This DoS attack is so powerful that a single computer can take down the whole server. A new tool named Apachekiller has been observed actively in the wild.
If you are an Android user, you could be the next victim of hackers. According to a report by McAfee, Google Android has become the number 1 target of hackers. The McAfee report also says that the recent attacks from the hacktivist groups Anonymous and LulzSec helped drive a massive increase in online attacks.
According to the OWASP Top 10 vulnerabilities of 2010, SQL injection is the most dangerous and most common vulnerability around. A SQL injection vulnerability occurs due to improper input validation or no input validation at all; what I mean by improper or no input validation is that the user input is not filtered (for escape characters) before it gets passed to the SQL database. A SQL injection attack can take many forms, but it is usually categorized into 3 types:
2. Out of band
While browsing the internet, I came across an excellent presentation on advanced SQL injection techniques by John McCray. In this presentation, John McCray discusses some advanced SQL injection methods and topics such as IDS evasion, filter bypassing, etc.
Well, the Apple Store is currently down in lots of countries. A rumor is floating around that it has been hacked or is the victim of a DDoS attack, which makes people wonder whether the hacktivist group Anonymous might be behind this attack. Usually, whenever the Apple Store is down, Apple arrives with a new product launch; however, if that were the case and Apple were planning a new product launch, the Apple Store should have been down in all other countries as well.
RHA, In my previous post, which I wrote in 2010, related to Facebook hacking and security, "4 ways on How to hack facebook password", I mentioned the top methods which were used by hackers to hack Facebook accounts. However, lots of things have changed in 2012: lots of methods have become outdated or have been patched by Facebook, and lots of new methods have been introduced. So in this post I will write about the top 10 methods hackers can use to hack Facebook accounts in 2011.
Earlier on Friday morning, Myspace shocked its users when the Myspace homepage was showing a mysterious message. Lots of people thought that the Anonymous hacktivist group might be behind this attack. Whenever a visitor came across the Myspace homepage, the following message was displayed.
We messed up our code so bad that even puppies and kittens may be in danger. Please turn back …now.* Have your pet spayed or neutered.
Lots of people thought that Myspace was hacked and that the hackers had simply replaced the Myspace website with this custom error page. However, Myspace has been using this error message since 2009; it occurs due to internal errors.
Well, here is another piece of shocking news. The famous hacktivist group Anonymous claims that they will take down Facebook on November 5. The huge attack is aimed at destroying Facebook. The Anonymous hacking group has posted a video in which they explain why they will attack Facebook.
In "Attacking Windows XP SP2 With Metasploit", I wrote a step-by-step guide on how to attack a Windows XP host with Metasploit. Metasploit is a great penetration testing tool; however, there are a couple of other tools which can make Metasploit much easier to use. One of the popular tools is Armitage. As defined by its authors: "Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Advanced users will find Armitage valuable for managing remote Metasploit instances and collaboration. Armitage's red team collaboration features allow your team to use the same sessions, share data, and communicate through one Metasploit instance."
In the previous post related to Metasploit, "How To Use A Keylogger Inside Metasploit Using Meterpreter?", I explained an easy-to-use keylogger inside Meterpreter for capturing the victim's keystrokes. However, after writing that article I received some comments which disappointed me a lot. The readers were asking questions like "What Is Metasploit" and "What is Meterpreter", so I decided not to jump into the advanced topics before covering the basics.
Russian hackers have a very strong history with malware development. In fact, Russian hackers currently own the world's most dangerous malware. One of those dangerous and popular pieces of malware is the "Black Hole Exploit Kit". The Black Hole exploit kit is basically a collection of tons of browser exploits that take advantage of vulnerabilities in the user's browser in order to infect the computer.
How Does It Work?
Whenever a user visits a clean website, the malicious iframe redirects the user to the Blackhole exploit server, which then triggers all the well-known exploits against the victim's browser and gives remote access to the attacker.
The annual license for the Blackhole exploit kit costs around $1500, the semi-annual license costs $700 and the quarterly license costs $700. The author also gives you the option to rent the exploit kit, and you can host the exploit kit on the author's server for a small fee.
Well, here is more exciting news for all penetration testers and BackTrack lovers: BackTrack will launch BackTrack R1 (release one) on 10th August. According to the Offensive Security team, BackTrack R1 will come with around 100 bug fixes, and in addition BackTrack 5 rc1 will also include over 30 tools and numerous package updates.
According to the Offensive Security team:
We have a few exciting items to announce in the upcoming month, one of them being BackTrack 5 R1 (Release one) which will be available for download on the 10th of August, 2011. This will complete our first 3 month cycle since the last release. With over 100 bug fixes, numerous package updates and the addition of over 30 new tools and scripts – BackTrack 5 R1 will rock. We will have a pre-release event of BackTrack 5 R1 at the BlackHat / Defcon Conference a few days earlier.